admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-16 23:53:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
e2e9901bf9ec94de03e5ed7490847aac0ccbc598
nuclei-templates/cloud/gcp/storage/gcloud-secure-cors-configuration.yaml
Prince Chaddha ea7a5969c8 Revert "chore: update TemplateMan 🤖" 
This reverts commit c31d574176.
2025-05-27 10:39:47 +08:00

72 lines
2.2 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
id: gcloud-secure-cors-configuration
info:
name: Secure CORS Configuration for Cloud Storage Buckets
author: princechaddha
severity: medium
description: |
Ensure that Cross-Origin Resource Sharing (CORS) configuration set for your Google Cloud Storage buckets only allows trusted origins to prevent unauthorized data access from web applications. The trusted, authorized origins must be configured according to your organization's policy.
impact: |
Improper CORS configuration can allow unauthorized web applications to access sensitive data stored in your Cloud Storage buckets.
remediation: |
Update the CORS configuration for your Cloud Storage buckets to only allow trusted origins defined by your organizations policy.
reference:
- https://cloud.google.com/storage/docs/configuring-cors
tags: cloud,devops,gcp,gcloud,google-cloud-storage,cors,security,gcp-cloud-config
flow: |
code(1)
for(let projectId of iterate(template.projectIds)){
set("projectId", projectId)
code(2)
for(let bucketName of iterate(template.buckets)){
set("bucketName", bucketName)
code(3)
}
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
gcloud projects list --format="json(projectId)"
extractors:
- type: json
name: projectIds
internal: true
json:
- '.[].projectId'
- engine:
- sh
- bash
source: |
gcloud storage buckets list --project $projectId --format="json(name)"
extractors:
- type: json
name: buckets
internal: true
json:
- '.[].name'
- engine:
- sh
- bash
source: |
gcloud storage buckets describe gs://$bucketName --format="json(cors_config[].origin)" | jq -r '.[]? // "null"'
matchers:
- type: word
words:
- 'null'
extractors:
- type: dsl
dsl:
- '"The CORS configuration for the bucket " + bucketName + " in project " + projectId + " is either not set or includes unauthorized origins."'
# digest: 490a00463044022050e65bff1ef6759a0b3755b753e29f72a4574d974eee26a043ac0136ba47bc2402204210b2bbdca4898db2eb053ba84de7f4c084d0ffbc04f8d1b2c85f98afc5408d:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink